package com.echat.serviceapigateway.security.interceptor;

import com.echat.commonlib.constant.ErrorCode;
import com.echat.commonlib.constant.ErrorCodeMsg;
import com.echat.commonlib.exception.exc.EchatSecurityException;
import com.echat.serviceapigateway.security.tool.StringUtils;
import org.springframework.stereotype.Component;
import org.springframework.web.servlet.HandlerInterceptor;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;

/**
 * Created by chenmohan on 2018/08/31
 *
 * @description 验证是否是超级管理员，验证成功才能访问admin相关的接口
 */
@Component
public class AdminUserInterceptor implements HandlerInterceptor {

    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws ServletException, IOException {
        String userName = (String) request.getSession().getAttribute("userName");
        if (StringUtils.isEmpty(userName)) {
            throw new EchatSecurityException(ErrorCode.NOT_LOGIN, ErrorCodeMsg.UNAUTHORIZED_ACCESS);
        }
        return true;
    }
}
